Lucene search
+L

123 matches found

RedhatCVE
RedhatCVE
added 2025/08/16 3:26 p.m.6 views

CVE-2025-7972

A security issue exists within the FactoryTalk Linx Network Browser. By modifying the process.env.NODEENV to ‘development’, the attacker can disable FTSP token validation. This bypass allows access to create, update, and delete FTLinx drivers...

8.4CVSS7.2AI score0.00497EPSS
Exploits0References1
OSV
OSV
added 2025/08/14 3:15 p.m.5 views

CVE-2025-7972

A security issue exists within the FactoryTalk Linx Network Browser. By modifying the process.env.NODEENV to ‘development’, the attacker can disable FTSP token validation. This bypass allows access to create, update, and delete FTLinx drivers...

9.1CVSS5.8AI score0.00497EPSS
Exploits0References1
NVD
NVD
added 2025/08/14 3:15 p.m.7 views

CVE-2025-7972

A security issue exists within the FactoryTalk Linx Network Browser. By modifying the process.env.NODEENV to ‘development’, the attacker can disable FTSP token validation. This bypass allows access to create, update, and delete FTLinx drivers...

9.1CVSS0.00497EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/14 2:47 p.m.13 views

CVE-2025-7972 Rockwell Automation FactoryTalk® Linx Network Browser Security Bypass Vulnerability

A security issue exists within the FactoryTalk Linx Network Browser. By modifying the process.env.NODEENV to ‘development’, the attacker can disable FTSP token validation. This bypass allows access to create, update, and delete FTLinx drivers...

8.4CVSS0.00497EPSS
Exploits0References1
CVE
CVE
added 2025/08/14 2:47 p.m.38 views

CVE-2025-7972

CVE-2025-7972 details (Mode C): A vulnerability in Rockwell Automation’s FactoryTalk Linx Network Browser allows bypassing FTSP token validation by setting process.env.NODE_ENV to ‘development’. This enables an attacker to create, update, and delete FTLinx drivers. Documented impact includes HIGH...

9.1CVSS7.2AI score0.00497EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/08/14 2:47 p.m.4 views

CVE-2025-7972 Rockwell Automation FactoryTalk® Linx Network Browser Security Bypass Vulnerability

A security issue exists within the FactoryTalk Linx Network Browser. By modifying the process.env.NODEENV to ‘development’, the attacker can disable FTSP token validation. This bypass allows access to create, update, and delete FTLinx drivers...

8.4CVSS7.2AI score0.00497EPSS
Exploits0References1
ICS
ICS
added 2025/08/14 6:0 a.m.7 views

Rockwell FactoryTalk Linx

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to to create, update, and delete FTLinx drivers. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network...

9.1CVSS7.2AI score0.00497EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2025/08/14 12:0 a.m.10 views

PT-2025-33292

Name of the Vulnerable Software and Affected Versions: FactoryTalk Linx Network Browser affected versions not specified Description: A security issue exists within the FactoryTalk Linx Network Browser. Modifying the process.env.NODE ENV environment variable to ‘development’ disables FTSP token...

8.4CVSS6AI score0.00497EPSS
Exploits0References7
CNNVD
CNNVD
added 2025/08/14 12:0 a.m.4 views

Rockwell Automation FactoryTalk Linx 安全漏洞

Rockwell Automation FactoryTalk Linx is a suite of industrial communication solutions from Rockwell Automation USA. The product is primarily used to communicate between small applications and large automation systems, among others. A security vulnerability exists in Rockwell Automation FactoryTal...

9.1CVSS6.8AI score0.00497EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/07/02 12:0 a.m.8 views

The vulnerability of the FactoryTalk Linx automation system’s software, related to insufficient verification of input data, allows a intruder to trigger a service failure.

The vulnerability of the FactoryTalk Linx automation system’s software is related to insufficient verification of input data. Exploiting this vulnerability can allow a malicious actor to cause service interruptions by sending a malicious package...

8.6CVSS7.2AI score0.01578EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/02 12:0 a.m.9 views

The vulnerability of the FactoryTalk Linx automation system’s software lies in the possibility of an operation exceeding the buffer boundaries in memory, allowing a hacker to execute arbitrary code.

The vulnerability of the FactoryTalk Linx automation system’s software is related to the execution of operations outside the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

10CVSS8.5AI score0.05461EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/02 12:0 a.m.8 views

The vulnerability of the FactoryTalk Linx automation system’s software relates to operations where data is written beyond the buffer boundaries in memory. This allows attackers to bypass the ASLR protection mechanism and gain access to confidential information.

The vulnerability of the FactoryTalk Linx automation system’s software is related to the execution of operations outside the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to bypass the ASLR protection mechanism and gain access to confidential information...

5.3CVSS7.5AI score0.03189EPSS
Exploits0References3Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/22 5:42 p.m.8 views

CVE-2020-5801

An attacker can craft and send an OpenNamespace message to port 4241 with valid session-id that triggers an unhandled exception in CFTLDManager::HandleRequest function in RnaDaSvr.dll, resulting in process termination. Observed in FactoryTalk Linx 6.11. All versions of FactoryTalk Linx are affect...

7.5CVSS6.8AI score0.25219EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:54 p.m.7 views

CVE-2020-27253

A flaw exists in the Ingress/Egress checks routine of FactoryTalk Linx Version 6.11 and prior. This vulnerability could allow a remote, unauthenticated attacker to specifically craft a malicious packet resulting in a denial-of-service condition on the device...

7.8CVSS6.7AI score0.01578EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 4:43 p.m.5 views

CVE-2020-5806

An attacker-controlled memory allocation size can be passed to the C++ new operator in the CServerManager::HandleBrowseLoadIconStreamRequest in messaging.dll. This can be done by sending a specially crafted message to 127.0.0.1:7153. Observed in FactoryTalk Linx 6.11. All versions of FactoryTalk...

5.5CVSS6.7AI score0.04776EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:11 p.m.19 views

CVE-2020-11999

FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.00 and prior,Connected Components Workbench: Version 12 and prior, ControlFLASH: Version 14 and later, ControlFLASH Plus: Version 1 and later, FactoryTalk Asset Centre: Version 9 and later, FactoryTalk Linx CommDTM: Version 1 an...

8.1CVSS7.1AI score0.02805EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:27 p.m.6 views

CVE-2020-27251

A heap overflow vulnerability exists within FactoryTalk Linx Version 6.11 and prior. This vulnerability could allow a remote, unauthenticated attacker to send malicious port ranges, which could result in remote code execution...

9.8CVSS7.7AI score0.05461EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 3:24 p.m.6 views

CVE-2020-27255

A heap overflow vulnerability exists within FactoryTalk Linx Version 6.11 and prior. This vulnerability could allow a remote, unauthenticated attacker to send malicious set attribute requests, which could result in the leaking of sensitive information. This information disclosure could lead to th...

7.5CVSS6.8AI score0.03189EPSS
Exploits0
The Hacker News
The Hacker News
added 2024/07/04 9:10 a.m.86 views

Microsoft Uncovers Critical Flaws in Rockwell Automation PanelView Plus

Microsoft has revealed two security flaws in Rockwell Automation PanelView Plus that could be weaponized by remote, unauthenticated attackers to execute arbitrary code and trigger a denial-of-service DoS condition. "The remote code execution vulnerability in PanelView Plus involves two custom...

9.8CVSS8.6AI score0.99485EPSS
Exploits20
BDU FSTEC
BDU FSTEC
added 2023/10/24 12:0 a.m.10 views

The vulnerability of the software in the FactoryTalk Linx automation system, which is part of Rockwell Automation PanelView Plus, allows a intruder to access confidential information or cause service failures.

The vulnerability of the FactoryTalk Linx automation system software included in Rockwell Automation PanelView Plus relates to writing beyond buffer boundaries in memory. Exploiting this vulnerability can allow a malicious actor to gain access to confidential information or cause service failures...

8.5CVSS8.2AI score0.09603EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder